Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Malware & Threats

Barracuda Networks Launches Threatglass for Insight into Compromised Sites

Barracuda Networks announced the launch today of Threatglass, a frontend online tool for analyzing web-based malware.

Barracuda Networks announced the launch today of Threatglass, a frontend online tool for analyzing web-based malware.

According to Barracuda Networks, Threatglass permits users to graphically browse website infections cataloged by Barracuda’s system by viewing screenshots of the stages of infection, as well as by analyzing network characteristics such as host relationships and packet captures.

“Good sites gone bad is a daily problem for popular websites targeted by attackers and used to serve malware to their unsuspecting visitors,” said Dr. Paul Judge, chief research officer and vice president at Barracuda, in a statement. “Threatglass was designed for both casual users and the research community to provide a way to document and better understand this ongoing problem.”

According to the company, Threatglass is the frontend of a system that utilizes thousands of virtual machines to visit URLs in web browsers to see what happens to the browsers, their plugins and the operating systems. Without prior knowledge of specific exploits served to the browser or its extensions, the resulting network-level actions are recorded and analyzed to reveal whether the URLs serve malicious content, according to the company. 

Websites for inspection are sourced from multiple data feeds including the Alexa Top 25,000 sites, social feeds and suspicious websites from Barracuda’s customer network. In addition to screen captures of the infections, Threatglass displays different representations of network traffic, including DNS, HTTP and Netflow in graphical and textual formats. The system has cataloged approximately 10,000 live web-based malware attacks and adds new ones every day.

The visualization features also allow users to view charting and trending data of historical volumes and examine the relationships between different components of an attacker ring. Users can also submit websites for inspection and analysis.

Barracuda Labs’ malware detection engines have discovered numerous high-profile infections in the last few months and have published findings on Cracked.com, Php.net and Hasbro.com. Those examples and thousands of other infected websites now are visible through Threatglass, according to the company.

 

Written By

Click to comment

Expert Insights

Related Content

Malware & Threats

Microsoft plans to improve the protection of Office users by blocking XLL add-ins from the internet.

Cybercrime

CISA, NSA, and MS-ISAC issued an alert on the malicious use of RMM software to steal money from bank accounts.

Cybercrime

Chinese threat actor DragonSpark has been using the SparkRAT open source backdoor in attacks targeting East Asian organizations.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Application Security

Electric car maker Tesla is using the annual Pwn2Own hacker contest to incentivize security researchers to showcase complex exploit chains that can lead to...

Malware & Threats

Cybercrime in 2017 was a tumultuous year "full of twists and turns", with new (but old) infection methods, a major return to social engineering,...

Malware & Threats

Norway‎-based DNV said a ransomware attack on its ship management software impacted 1,000 vessels.

Cybercrime

Security researchers with Juniper Networks’ Threat Labs warn of a new Python-based backdoor targeting VMware ESXi virtualization servers.